CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3663 – CODESYS: Missing integrity check in CODESYS Development System
https://notcve.org/view.php?id=CVE-2023-3663
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CODESYS Development System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LearnMoreAction function. The issue results from a missing integrity check on notification data. An attacker can leverage this vulnerability to execute code in the context of the current user. • https://cert.vde.com/en/advisories/VDE-2023-022 • CWE-345: Insufficient Verification of Data Authenticity CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-3670 – Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting
https://notcve.org/view.php?id=CVE-2023-3670
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users. This vulnerability allows local attackers to escalate privileges on affected installations of CODESYS Development System. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of python scripts. The issue results from the lack of resource separation between control spheres. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the Administrator. • https://cert.vde.com/en/advisories/VDE-2023-024 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47393 – CODESYS: Multiple products prone to improperly restricted memory operations
https://notcve.org/view.php?id=CVE-2022-47393
An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2022-47392 – CODESYS: Multiple products prone to Improper Input Validation
https://notcve.org/view.php?id=CVE-2022-47392
An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17554&token=5444f53b4c90fe37043671a100dffa75305d1825&download= • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2022-47391 – CODESYS: Multiple products prone to Improper Input Validation
https://notcve.org/view.php?id=CVE-2022-47391
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download= • CWE-20: Improper Input Validation •